Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users

2020-12-08 13:54

A spearphishing attack is spoofing Microsoft.com to target 200 million Microsoft Office 365 users in a number of key vertical markets, including financial services, healthcare, manufacturing and utility providers.

The attack is particularly deceiving because it deploys an exact domain spoofing technique, "Which occurs when an email is sent from a fraudulent domain that is an exact match to the spoofed brand's domain," Ovadia wrote.

The attack is comprised of a realistic-looking email that attempts to persuade users to take advantage of a relatively new Office 365 capability that allows for them to reclaim emails that have been accidentally marked as spam or phishing messages, according to the report.

To mitigate attacks, Ironscales advised organizations to configure their email defense and protection systems for DMARC, which should detect and reject emails coming from the latest Office 365 campaign, according to the report.

"Advanced mailbox-level email security that continuously studies every employee's inbox to detect anomalies based on both email data and metadata extracted from previously trusted communications can help stop email spoofs that slip through the cracks," Ovadia added.

News URL

https://threatpost.com/spearphishing-attack-spoofs-microsoft-office-365/162001/

#attack #microsoft #office #office365 #spearphishing

News URL

Related news